diff --git a/.github/ISSUE_TEMPLATE/bug.yml b/.github/ISSUE_TEMPLATE/bug.yml new file mode 100644 index 0000000..375f3bd --- /dev/null +++ b/.github/ISSUE_TEMPLATE/bug.yml @@ -0,0 +1,41 @@ +name: Bug +description: File a bug report +title: "[BUG]: " +labels: ["Type: Bug", "Status: Triage"] +body: + - type: markdown + attributes: + value: | + Thanks for taking the time to fill out this bug report! + - type: textarea + id: what-happened + attributes: + label: What happened? + description: What did you do? What happened? What did you expect to happen? + placeholder: Put your description of the bug here. + validations: + required: true + - type: textarea + id: versions + attributes: + label: Versions + description: What versions of the relevant software are you running? + placeholder: 1.0.0 + validations: + required: true + - type: textarea + id: logs + attributes: + label: Relevant log output + description: | + Please copy and paste any relevant log output. This will be automatically formatted into code, so no need for backticks. + Please check your logs before submission to ensure sensitive information is redacted. + render: shell + - type: checkboxes + id: terms + attributes: + label: Code of Conduct + description: By submitting this issue, you agree to follow our [Code of Conduct](./CODE_OF_CONDUCT.md) + options: + - label: I agree to follow this project's Code of Conduct + required: true diff --git a/.github/ISSUE_TEMPLATE/documentation.yml b/.github/ISSUE_TEMPLATE/documentation.yml new file mode 100644 index 0000000..1990961 --- /dev/null +++ b/.github/ISSUE_TEMPLATE/documentation.yml @@ -0,0 +1,41 @@ +name: Documentation +description: Update or add documentation +title: "[DOCS]: " +labels: ["Type: Documentation", "Status: Triage"] +body: + - type: markdown + attributes: + value: | + Thanks for taking the time to fill this out! + - type: textarea + id: describe-need + attributes: + label: Describe the need + description: What do you wish was different about our docs? + placeholder: Describe the need for documentation updates here. + validations: + required: true + - type: input + id: library_version + attributes: + label: Version + description: Do these docs apply to a specific version? + placeholder: 1.1.1 + validations: + required: false + - type: textarea + id: logs + attributes: + label: Relevant log output + description: | + Please copy and paste any relevant log output. This will be automatically formatted into code, so no need for backticks. + Please check your logs before submission to ensure sensitive information is redacted. + render: shell + - type: checkboxes + id: terms + attributes: + label: Code of Conduct + description: By submitting this documentation issue, you agree to follow our [Code of Conduct](CODE_OF_CONDUCT.md) + options: + - label: I agree to follow this project's Code of Conduct + required: true diff --git a/.github/ISSUE_TEMPLATE/feature.yml b/.github/ISSUE_TEMPLATE/feature.yml new file mode 100644 index 0000000..3bf43c6 --- /dev/null +++ b/.github/ISSUE_TEMPLATE/feature.yml @@ -0,0 +1,41 @@ +name: Feature +description: Suggest an idea for a new feature or enhancement +title: "[FEAT]: " +labels: ["Type: Feature", "Status: Triage"] +body: + - type: markdown + attributes: + value: | + Thanks for taking the time to fill this out! + - type: textarea + id: describe-need + attributes: + label: Describe the need + description: What do you want to happen? What problem are you trying to solve? + placeholder: Describe the need for the feature. + validations: + required: true + - type: input + id: library_version + attributes: + label: Library Version + description: Does this feature suggestion apply to a specific version? + placeholder: 1.0.0 + validations: + required: false + - type: textarea + id: logs + attributes: + label: Relevant log output + description: | + Please copy and paste any relevant log output. This will be automatically formatted into code, so no need for backticks. + Please check your logs before submission to ensure sensitive information is redacted. + render: shell + - type: checkboxes + id: terms + attributes: + label: Code of Conduct + description: By submitting this feature request, you agree to follow our [Code of Conduct](CODE_OF_CONDUCT.md) + options: + - label: I agree to follow this project's Code of Conduct + required: true diff --git a/.github/ISSUE_TEMPLATE/maintenance.yml b/.github/ISSUE_TEMPLATE/maintenance.yml new file mode 100644 index 0000000..5eff93c --- /dev/null +++ b/.github/ISSUE_TEMPLATE/maintenance.yml @@ -0,0 +1,41 @@ +name: Maintenance +description: Dependencies, cleanup, refactoring, reworking of code +title: "[MAINT]: " +labels: ["Type: Maintenance", "Status: Triage"] +body: + - type: markdown + attributes: + value: | + Thanks for taking the time to fill this out! + - type: textarea + id: describe-need + attributes: + label: Describe the need + description: What do you want to happen? + placeholder: Describe the maintenance need here. + validations: + required: true + - type: input + id: library_version + attributes: + label: Library Version + description: Does this maintenance apply to a specific version? + placeholder: v1.0.0 + validations: + required: false + - type: textarea + id: logs + attributes: + label: Relevant log output + description: | + Please copy and paste any relevant log output. This will be automatically formatted into code, so no need for backticks. + Please check your logs before submission to ensure sensitive information is redacted. + render: shell + - type: checkboxes + id: terms + attributes: + label: Code of Conduct + description: By submitting this request, you agree to follow our [Code of Conduct](CODE_OF_CONDUCT.md) + options: + - label: I agree to follow this project's Code of Conduct + required: true diff --git a/.github/actions/import-gpg-key/action.yaml b/.github/actions/import-gpg-key/action.yaml new file mode 100644 index 0000000..18f554b --- /dev/null +++ b/.github/actions/import-gpg-key/action.yaml @@ -0,0 +1,24 @@ +name: "Import GPG Key" +description: "Imports a GPG key given in the input" +inputs: + gpg-private-key: + required: true + description: "The GPG Private Key in plain text. Can be a sub-key." +runs: + using: "composite" + steps: + - name: List Keys + shell: bash + run: | + gpg -K --keyid-format=long + + - name: Import GPG Private Key + shell: bash + run: | + echo "use-agent" >> ~/.gnupg/gpg.conf + echo "pinentry-mode loopback" >> ~/.gnupg/gpg.conf + echo -e "${{ inputs.gpg-private-key }}" | gpg --import --batch + for fpr in $(gpg --list-keys --with-colons | awk -F: '/fpr:/ {print $10}' | sort -u); + do + echo -e "5\\ny\\n" | gpg --batch --command-fd 0 --expert --edit-key $fpr trust; + done \ No newline at end of file diff --git a/.github/workflows/dependencies-update.yaml b/.github/workflows/dependencies-update.yaml new file mode 100644 index 0000000..e159df7 --- /dev/null +++ b/.github/workflows/dependencies-update.yaml @@ -0,0 +1,58 @@ +name: "Update DEPENDENCIES file" + +on: + push: + branches: [ "*" ] + workflow_dispatch: + +jobs: + build: + runs-on: ubuntu-latest + permissions: + pull-requests: write + contents: read + + steps: + - name: Checkout repository + uses: actions/checkout@v4 + + - name: Set up JDK 17 + uses: actions/setup-java@v4 + with: + java-version: '17' + distribution: 'zulu' + cache: maven + + - name: Generate Dependencies file + run: mvn org.eclipse.dash:license-tool-plugin:license-check -Ddash.summary=DEPENDENCIES -P dash + + - name: Check if file was changed + run: | + if git diff --name-only ${{ github.base_ref }}...${{ github.sha }} | grep -e 'DEPENDENCIES'; then + echo "The file was changed" + echo "was_file_changed=true" >> "$GITHUB_ENV" + git + else + echo "The file was not changed" + echo "was_file_changed=false" >> "$GITHUB_ENV" + fi + + - name: Configure Git + if: ${{ env.was_file_changed }} == 'true' + run: | + git config user.name "$GITHUB_ACTOR" + git config user.email "$GITHUB_ACTOR@users.noreply.github.com" + + - name: Create pull request + if: ${{ env.was_file_changed }} == 'true' + uses: peter-evans/create-pull-request@v6 + with: + add-paths: | + DEPENDENCIES + token: ${{ secrets.ECSP_BOT_PAT }} + branch: chore/update-DEPENDENCIES + commit-message: "chore(dependencies): Update DEPENDENCIES" + delete-branch: true + title: Update DEPENDENCIES + body: | + This PR updates the DEPENDENCIES \ No newline at end of file diff --git a/.github/workflows/license-compliance.yml b/.github/workflows/license-compliance.yml new file mode 100644 index 0000000..969b36c --- /dev/null +++ b/.github/workflows/license-compliance.yml @@ -0,0 +1,44 @@ +name: License Compliance + +on: + push: + branches: [ "*" ] + paths-ignore: + - '**/NOTICE' + - '**/NOTICE.md' + - '**/CODE_OF_CONDUCT.md' + - '**/CONTRIBUTING.md' + - '**/SECURITY.md' + pull_request: + branches: [ "*" ] + workflow_dispatch: + +permissions: + pull-requests: read + contents: write + +jobs: + check-licenses: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + - name: Set up JDK 17 + uses: actions/setup-java@v4 + with: + java-version: '17' + distribution: 'zulu' + cache: maven + server-id: github # Value of the distributionManagement/repository/id field of the pom.xml + settings-path: ${{ github.workspace }} # location for the settings.xml file + - name: Allow dash.sh to be executed + run: chmod +x ./eclipse-dash/dash.sh + - name: Generate List of dependencies + run: ./eclipse-dash/dash.sh + env: + GITHUB_TOKEN: ${{ secrets.REPO_TOKEN }} + - name: Archive DEPENDENCIES file + if: always() + uses: actions/upload-artifact@v4 + with: + name: LICENSE_INFO + path: DEPENDENCIES diff --git a/.github/workflows/maven-build.yml b/.github/workflows/maven-build.yml new file mode 100644 index 0000000..ae4fc94 --- /dev/null +++ b/.github/workflows/maven-build.yml @@ -0,0 +1,74 @@ +# This workflow will build a package using Maven and run sonar scan on it + +name: Maven Packaging and Sonar Analysis + +on: + push: + branches: [ "main" ] + pull_request: + branches: [ "main" ] + workflow_dispatch: + +jobs: + build: + runs-on: ubuntu-latest + permissions: + contents: read + packages: write + pull-requests: read + + steps: + - uses: actions/checkout@v4 + - name: Set up JDK 17 + uses: actions/setup-java@v4 + with: + java-version: '17' + distribution: 'zulu' + + - name: Build with Maven + run: mvn clean -B package --file pom.xml + + check_sonar_configured: + runs-on: ubuntu-latest + steps: + - name: check_sonar_configured + run: | + echo "Checking if sonar is configured: ${{ env.SONAR_CONFIGURED }}" + env: + SONAR_CONFIGURED: ${{ secrets.SONAR_TOKEN != '' }} + outputs: + sonar_configured: ${{ env.SONAR_CONFIGURED }} + + + analysis_with_sonar_cloud: + needs: [check_sonar_configured] + # No need to run if we cannot use the sonar token + if: >- + needs.check_sonar_configured.outputs.sonar_configured == 'true' + runs-on: ubuntu-latest + permissions: + contents: read + packages: write + pull-requests: read + + steps: + - uses: actions/checkout@v4 + with: + fetch-depth: 0 + + - name: Set up JDK 17 + uses: actions/setup-java@v4 + with: + java-version: '17' + distribution: 'zulu' + server-id: github + settings-path: ${{ github.workspace }} + + - name: Analyze with SonarCloud + env: + SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} + run: | + mvn --update-snapshots verify \ + org.sonarsource.scanner.maven:sonar-maven-plugin:sonar \ + -Dsonar.projectKey=eclipse-ecsp_streambase -Dsonar.organization=eclipse-ecsp \ + -Dcheckstyle.skip -Dpmd.skip=true diff --git a/.github/workflows/maven-deploy.yml b/.github/workflows/maven-deploy.yml new file mode 100644 index 0000000..a805da7 --- /dev/null +++ b/.github/workflows/maven-deploy.yml @@ -0,0 +1,76 @@ +# This workflow will deploy JAR to Maven Central repository + +name: Maven Deploy + +on: + release: + types: [created] + workflow_dispatch: + +env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + +jobs: + secret-presence: + runs-on: ubuntu-latest + outputs: + HAS_OSSRH: ${{ steps.secret-presence.outputs.HAS_OSSRH }} + steps: + - name: Check whether secrets exist + id: secret-presence + run: | + [ ! -z "${{ secrets.GPG_PASSPHRASE }}" ] && + [ ! -z "${{ secrets.GPG_PRIVATE_KEY }}" ] && + [ ! -z "${{ secrets.OSSRH_USERNAME }}" ] && + [ ! -z "${{ secrets.OSSRH_PASSWORD }}" ] && + echo "HAS_OSSRH=true" >> $GITHUB_OUTPUT + exit 0 + + publish-to-sonatype: + name: "Publish artifacts to OSSRH Snapshots / MavenCentral" + runs-on: ubuntu-latest + permissions: + contents: read + packages: write + needs: [ secret-presence ] + + if: | + needs.secret-presence.outputs.HAS_OSSRH + steps: + - name: Checkout repository + uses: actions/checkout@v4 + + - name: Set up JDK 17 + uses: actions/setup-java@v4 + with: + java-version: '17' + distribution: 'zulu' + settings-path: ${{ github.workspace }} + + - uses: ./.github/actions/import-gpg-key + name: "Import GPG Key" + with: + gpg-private-key: ${{ secrets.GPG_PRIVATE_KEY }} + + - name: Configure Maven settings + run: | + mkdir -p $HOME/.m2 + echo " + + + ossrh + ${{ secrets.OSSRH_USERNAME }} + ${{ secrets.OSSRH_PASSWORD }} + + + " > $HOME/.m2/settings.xml + + - name: Copy License information + run: | + mkdir -p streambase/src/main/resources/META-INF/ + cp LICENSE NOTICE.md DEPENDENCIES SECURITY.md streambase/src/main/resources/META-INF/ + + - name: Publish version + run: |- + VERSION=$(mvn help:evaluate -Dexpression=project.version -q -DforceStdout) + mvn clean deploy -s $HOME/.m2/settings.xml -Dgpg.passphrase="${{ secrets.GPG_PASSPHRASE }}" -Prelease -Drevision=$VERSION \ No newline at end of file diff --git a/README.md b/README.md deleted file mode 100644 index a09d09e..0000000 --- a/README.md +++ /dev/null @@ -1,2 +0,0 @@ -# streambase -Enabler for event-driven microservices and MQTT communication